General

  • Target

    9f892f9dac5d3bcc8f81261826a0b160_NeikiAnalytics.exe

  • Size

    12KB

  • Sample

    240524-txecasbg8z

  • MD5

    9f892f9dac5d3bcc8f81261826a0b160

  • SHA1

    54a98ff4a2978558e4632dd480ee5ec43359f434

  • SHA256

    2df595775db1744f9281307f04fb7929782d77e55aaa9ebfaa96c37eefd264d2

  • SHA512

    fcd616a79f719f10cb9cb61addd64195a99d3db61e220e91a9511fe7477898a7332f5dd3273535fc128110af7907dda709b919561295ec573bd752d8e6513009

  • SSDEEP

    384:AL7li/2zJq2DcEQvdhcJKLTp/NK9xasT:epM/Q9csT

Score
7/10

Targets

    • Target

      9f892f9dac5d3bcc8f81261826a0b160_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
